247487 – www/apache24: Segfault when reloading jailed

Bug 247487 - www/apache24: Segfault when reloading jailed

Summary: www/apache24: Segfault when reloading jailed

Status:	Closed Feedback Timeout

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	amd64 Any

Importance:	--- Affects Some People
Assignee:	freebsd-apache (Nobody)

URL:
Keywords:	crash, needs-qa

Depends on:
Blocks:

Reported:	2020-06-22 20:30 UTC by bartek
Modified:	2022-10-20 16:20 UTC (History)
CC List:	3 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (apache)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description bartek 2020-06-22 20:30:54 UTC

Hello.
After upgrade from php71 to php74 apache started to crashing with coredump when recieved -HUP (so after every logrotate).
This happens only when running in jail, after upgrading on physical machine everything is fine. 
Same configuration with php71 is working fine.
Bug is repeatable everytime I invoke `service apache24 reload`

What can I do to trace source of problem?

[root@a24 /]# uname -a
FreeBSD a24.fsi.pl 12.1-RELEASE-p6 FreeBSD 12.1-RELEASE-p6 GENERIC  amd64
[root@a24 /]# httpd -v
Server version: Apache/2.4.43 (FreeBSD)
Server built:   unknown
[root@a24 /]# php --version
PHP 7.4.7 (cli) (built: Jun 16 2020 01:25:10) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.7, Copyright (c), by Zend Technologies

backtrace of core:
(gdb) bt
#0  0x0000000041993b40 in ?? () from /usr/local/lib/libnghttp2.so.14
#1  0x000000004287cbe6 in ?? () from /usr/local/libexec/apache24/libphp7.so
#2  0x000000004286122d in zend_llist_apply_with_del () from /usr/local/libexec/apache24/libphp7.so
#3  0x000000004287cbc7 in ?? () from /usr/local/libexec/apache24/libphp7.so
#4  0x00000000427f5268 in php_module_startup () from /usr/local/libexec/apache24/libphp7.so
#5  0x000000004290a405 in ?? () from /usr/local/libexec/apache24/libphp7.so
#6  0x0000000042909c56 in ?? () from /usr/local/libexec/apache24/libphp7.so
#7  0x0000000000259a6f in ap_run_post_config ()
#8  0x00000000002588b6 in main ()
(gdb)

truss output just before crash:
25003: open("/usr/local/etc/browscap.ini",O_RDONLY,0666) = 10 (0xa)
25003: ioctl(10,TIOCGETA,0x7fffffffe1a0)         ERR#25 'Inappropriate ioctl for device'
25003: fstat(10,{ mode=-rw-r--r-- ,inode=1691563,size=415227,blksize=32768 }) = 0 (0x0)
25003: fstat(10,{ mode=-rw-r--r-- ,inode=1691563,size=415227,blksize=32768 }) = 0 (0x0)
25003: read(10,";;; Provided courtesy of http://"...,32768) = 32768 (0x8000)
25003: read(10,""\r\nisBanned=true\r\n\r\n[Searc"...,32768) = 32768 (0x8000)
25003: read(10,"/www.inclue.com; graeme@inclue.c"...,32768) = 32768 (0x8000)
25003: read(10,"Systems\r\n\r\n[Blue Coat System"...,32768) = 32768 (0x8000)
25003: read(10,"/* (KHTML, like Gecko) *Iron/11."...,32768) = 32768 (0x8000)
25003: read(10,")*Version/* Mobile/* Safari/*]\r"...,32768) = 32768 (0x8000)
25003: read(10,"e\r\nTables=true\r\n\r\n[ELinks "...,32768) = 32768 (0x8000)
25003: read(10,"scape 5.1]\r\nParent=DefaultProp"...,32768) = 32768 (0x8000)
25003: read(10,"indows NT 6.1*)*]\r\nParent=Oper"...,32768) = 32768 (0x8000)
25003: read(10,"*Opera?4.*]\r\nParent=Opera 4.00"...,32768) = 32768 (0x8000)
25003: read(10,"indows XP*)*]\r\nParent=Opera Ge"...,32768) = 32768 (0x8000)
25003: read(10,"*) Gecko/* Firefox/3.1*]\r\nPare"...,32768) = 32768 (0x8000)
25003: read(10,"CssVersion=2\r\nAolVersion=9\r\n"...,32768) = 22011 (0x55fb)
25003: clock_gettime(4,{ 258339.447697735 })     = 0 (0x0)
25003: clock_gettime(4,{ 258339.447764503 })     = 0 (0x0)
25003: mmap(0x0,659456,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 1144061952 (0x44310000)
25003: close(10)                                 = 0 (0x0)
25003: __sysctl(0x7fffffffe3a8,0x2,0x7fffffffe394,0x7fffffffe398,0x0,0x0) = 0 (0x0)
25003: issetugid()                               = 0 (0x0)
25003: open("/etc/ssl/openssl.cnf",O_RDONLY,0666) = 10 (0xa)
25003: fstat(10,{ mode=-rw-r--r-- ,inode=81460552,size=11000,blksize=32768 }) = 0 (0x0)
25003: read(10,"# $FreeBSD: releng/12.1/crypto/o"...,32768) = 11000 (0x2af8)
25003: read(10,0x41e07c40,32768)                 = 0 (0x0)
25003: close(10)                                 = 0 (0x0)
25003: fstatat(AT_FDCWD,"/etc/cram-md5.pwd",0x7fffffffe2f0,0x0) ERR#2 'No such file or directory'
25003: fstatat(AT_FDCWD,"/dev/urandom",{ mode=crw-r--r-- ,inode=8,size=0,blksize=4096 },0x0) = 0 (0x0)
25003: SIGNAL 11 (SIGSEGV) code=SEGV_ACCERR trapno=12 addr=0x4228cf89
25003: process killed, signal = 11

Comment 1 Bernard Spil freebsd_committer

2020-08-06 13:10:03 UTC

PHP tends to be finicky when it comes to the order in which modules
are loaded. I've had plenty crashes due to that. The 7.4 module ports
do order the modules, but it helps to check. Disable them all, enable
one-by-one see when it crashes.

Also, you should consider switching to mod_fastcgi and php-fpm so your
Apache server doesn't crash when PHP does. mod_php should still work,
but I don't think it's currently the preferred method.